From c361ea7c1453d381bb5fa7971f30c05be2562b59 Mon Sep 17 00:00:00 2001 From: jcj Date: Tue, 22 Jul 2025 16:52:15 +0900 Subject: [PATCH] feat: add service account metric. Signed-off-by: jcj --- .../metric/iam_workspace_count.yaml | 18 ++++++++++ .../inventory/manager/identity_manager.py | 6 ++++ .../inventory/manager/metric_manager.py | 36 +++++++++++++++++++ 3 files changed, 60 insertions(+) create mode 100644 src/spaceone/inventory/managed_resource/metric/iam_workspace_count.yaml diff --git a/src/spaceone/inventory/managed_resource/metric/iam_workspace_count.yaml b/src/spaceone/inventory/managed_resource/metric/iam_workspace_count.yaml new file mode 100644 index 0000000..4b7b0aa --- /dev/null +++ b/src/spaceone/inventory/managed_resource/metric/iam_workspace_count.yaml @@ -0,0 +1,18 @@ +--- +metric_id: metric-managed-iam-workspace +name: Workspace Count +metric_type: GAUGE +resource_type: identity.Workspace +query_options: + group_by: + - key: state + name: State + default: true + - key: is_dormant + name: Dormant + fields: + value: + operator: count +unit: Count +namespace_id: ns-managed-iam-summary +version: '1.0' \ No newline at end of file diff --git a/src/spaceone/inventory/manager/identity_manager.py b/src/spaceone/inventory/manager/identity_manager.py index 493791c..5265175 100644 --- a/src/spaceone/inventory/manager/identity_manager.py +++ b/src/spaceone/inventory/manager/identity_manager.py @@ -124,3 +124,9 @@ def analyze_service_accounts(self, query: dict, domain_id: str) -> dict: return self.identity_conn.dispatch( "ServiceAccount.analyze", {"query": query}, x_domain_id=domain_id ) + + def analyze_workspaces(self, query: dict, domain_id: str) -> dict: + # For background job, use system token + return self.identity_conn.dispatch( + "Workspace.analyze", {"query": query}, x_domain_id=domain_id + ) diff --git a/src/spaceone/inventory/manager/metric_manager.py b/src/spaceone/inventory/manager/metric_manager.py index bdcd18a..0ffc53a 100644 --- a/src/spaceone/inventory/manager/metric_manager.py +++ b/src/spaceone/inventory/manager/metric_manager.py @@ -239,6 +239,8 @@ def analyze_resource( ) elif metric_vo.resource_type == "identity.ServiceAccount": return self._analyze_service_accounts(query, domain_id) + elif metric_vo.resource_type == "identity.Workspace": + return self._analyze_workspaces(query, domain_id) else: raise ERROR_NOT_SUPPORT_RESOURCE_TYPE(resource_type=resource_type) except Exception as e: @@ -752,3 +754,37 @@ def _analyze_service_accounts(query: dict, domain_id: str) -> list: response = identity_mgr.analyze_service_accounts(query, domain_id) return response.get("results", []) + + @staticmethod + def _analyze_workspaces(query: dict, domain_id: str) -> list: + default_group_by = [ + "workspace_id", + ] + changed_group_by = [] + changed_group_by += copy.deepcopy(default_group_by) + + for group_option in query.get("group_by", []): + if isinstance(group_option, dict): + key = group_option.get("key") + else: + key = group_option + + if key not in default_group_by: + changed_group_by.append(group_option) + + query["group_by"] = changed_group_by + query["filter"] = query.get("filter", []) + query["filter"].append({"k": "domain_id", "v": domain_id, "o": "eq"}) + + if "select" in query: + for group_by_key in ["workspace_id"]: + query["select"][group_by_key] = group_by_key + + _LOGGER.debug( + f"[_analyze_workspace] Analyze Workspace Query: {query}" + ) + + identity_mgr = IdentityManager() + response = identity_mgr.analyze_workspaces(query, domain_id) + + return response.get("results", [])